The adoption of open-source software is now increasingly commonplace in the enterprise, but this has meant that software compliance checking has become essential.
The Linux Foundation has now come up with a tool to automate the process.
The Linux Foundation announced the availability of The Linux Foundation FOSS Bar Code Tracker, a new tool for tracking Free and Open Source Software (FOSS) components.
Released as an open-source project under the MIT license, the new software tool aims to simplify the way open-source components are tracked and reported by using an auto-generated, custom QR code for each product. The QR code contains important information on the FOSS stack contained in a product, such as component names, version numbers, license information and links to download the source code, among other details.
For companies adopting Software Package Data Exchange (SPDX), which provides a standardised way of defining license information across vendors in the supply chain, or other standard formats for open-source license components, the FOSS Bar Code Tracker provides the mechanism to load the standard file and generate the desired QR code.
“As the supply chain has gotten more distributed, the process of license compliance needs to be easy, fast and streamlined,” Eben Moglen, executive director, Software Freedom Law Center, said in a statement. “The Linux Foundation’s new FOSS Bar Code Tracker addresses this with a tool everyone can use. Automating this process will result in gains for FOSS developers, manufacturers embedding FOSS in their products and users who want to get the most value from the products they buy.”
As part of its Open Compliance Program, The Linux Foundation’s FOSS Bar Code Tracker generates a one-dimensional bar code, a QR code with data, or a QR code as hot link, making key information about a product’s compliance available at the click of a button.
Additional features of the FOSS Bar Code Tracker include compliance record manipulation and a license panel to manage licenses, among other things.
“Through our Open Compliance Program, we’ve learned that companies desperately need a free software tool for tracking and reporting open-source software components,” said Jim Zemlin, executive director at The Linux Foundation, in a statement. “The new FOSS Bar Code Scanner will drastically reduce the resources needed to track and report information about the software included in every product and instill even more confidence in the companies using Linux and open-source software to compete in today’s mobile and consumer electronics markets.”
How well do you know your operating systems? Take our quiz.
Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…